#malicious-plugins

[ follow ]
#jenkins #supply-chain-attacks #checkmarx #teampcp #agentic-ai #ai-security #crypto-scam
Information security
fromThe Hacker News
2 days ago

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

Use Checkmarx Jenkins AST plugin version 2.0.13-829.vc72453fa_1c16 or earlier to avoid a malicious Marketplace-published version.
Information security
fromSecurityWeek
2 months ago

Autonomous AI Agents Provide New Class of Supply Chain Attack

Agentic AI can enable active agent-to-agent attacks that harvest private keys and launder funds through malicious 'skills' promoted across agent marketplaces and social platforms.
[ Load more ]